@jeffbrl
Last active May 31, 2023 18:18
EC2 User data for Ubuntu 18.04 to create self-signed cert and configure apache2
#!/bin/bash
domain=example.com
commonname=example.com
country=US
state=Virginia
locality=Leesburg
organization=ExampleCo
organizationalunit=IT
email=webmaster@example.com
password=dummypassword
apt-get -y update
apt-get install -y apache2
# workaround to prevent openssl error
touch $HOME/.rnd
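echo "Generating key request for $domain"
# Creates a self-signed certificate and an unencrypted (-nodes) RSA key.
# This will generate error about RND file; ignore
openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-keyout "/tmp/$domain.key" \
-out "/etc/ssl/certs/$domain.crt" \
-subj "/C=$country/ST=$state/L=$locality/O=$organization/OU=$organizationalunit/CN=$commonname/emailAddress=$email"
# Remove passphrase from the key. Because of -nodes the key has no passphrase,
# so -passin is ignored and this step only copies the key into /etc/ssl/private.
echo "Removing passphrase from key"
openssl rsa -in "/tmp/$domain.key" -passin pass:$password -out "/etc/ssl/private/$domain.key"
# Restrict the installed key to root and do not leave a copy of it in /tmp
chmod 600 "/etc/ssl/private/$domain.key"
rm -f "/tmp/$domain.key"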
cat << EOF > /etc/apache2/sites-available/default-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin webmaster@$domain
ServerName $domain
DocumentRoot /var/www/html
ErrorLog \${APACHE_LOG_DIR}/error.log
CustomLog \${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/$domain.crt
SSLCertificateKeyFile /etc/ssl/private/$domain.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
</IfModule>
EOF
cat << EOF > /etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
ServerName $domain
ServerAdmin webmaster@$domain
DocumentRoot /var/www/html
Redirect permanent "/" "https://$domain/"
ErrorLog \${APACHE_LOG_DIR}/error.log
CustomLog \${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
EOF
hostname > /var/www/html/index.html
echo '<br><br>' >> /var/www/html/index.html
# append 1000 bytes of random base64 text
base64 /dev/urandom | head -c 1000 >> /var/www/html/index.html
# apachectl configtest
a2enmod ssl
a2ensite default-ssl
systemctl restart apache2.service
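
A post-boot check for an instance provisioned with the script above, as an added example that is not part of the original gist. It verifies that the installed private key is readable only by its owner, that no copy of the key remains in /tmp, and that the generated vhost files do not log to `/error.log` or `/access.log`, which is what an unquoted heredoc produces when `${APACHE_LOG_DIR}` is unset in the provisioning shell. The function name `audit_tls_deploy` and its root-prefix argument are assumptions made for the example.

```shell
#!/bin/bash
# Added example: audit the files written by the user-data script.
# audit_tls_deploy ROOT DOMAIN  -> prints findings, returns their count.
# ROOT is a filesystem prefix (hypothetical parameter): "" on the instance
# itself, or a scratch directory when testing against a constructed tree.
audit_tls_deploy() {
    local root="$1" domain="$2" findings=0
    local key="$root/etc/ssl/private/$domain.key"
    local conf

    # 1. Private key must exist and carry no group/other permission bits.
    if [ ! -f "$key" ]; then
        echo "FAIL: $key is missing"
        findings=$((findings + 1))
    elif [ "$(ls -ld "$key" | cut -c5-10)" != "------" ]; then
        echo "FAIL: $key is accessible to group or other"
        findings=$((findings + 1))
    fi

    # 2. No copy of the key may be left behind in /tmp.
    if [ -e "$root/tmp/$domain.key" ]; then
        echo "FAIL: stray private key at $root/tmp/$domain.key"
        findings=$((findings + 1))
    fi

    # 3. Log directives must not resolve to the filesystem root, which is
    #    what an empty ${APACHE_LOG_DIR} produces ("ErrorLog /error.log").
    for conf in default-ssl.conf 000-default.conf; do
        conf="$root/etc/apache2/sites-available/$conf"
        if grep -Eq '^[[:space:]]*(ErrorLog|CustomLog)[[:space:]]+/(error|access)\.log' "$conf" 2>/dev/null; then
            echo "FAIL: $conf logs to / (APACHE_LOG_DIR expanded to empty)"
            findings=$((findings + 1))
        fi
    done

    [ "$findings" -eq 0 ] && echo "OK: no findings for $domain"
    return "$findings"
}

# Usage on the instance: audit_tls_deploy "" example.com
```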